| Description: |
SOC Lead
6-month PAYE contract
London based, 2 days per week in the office, working from home the rest of the time
Rate: £500/day PAYE gross. Your pay will be subject to the usual employee deductions only, such as income tax and employee NI. Employer costs, including employer NI, apprenticeship levy and holiday accrual, are already built into the assignment pricing and are not taken from the advertised gross day rate.

We're hiring a SOC Lead to join a financially regulated organisation at a key point in its cyber security journey. This is a hands-on leadership role for someone who can strengthen security operations, improve service performance, and help shape a modern, resilient SOC capability. You'll work across incident response, detection, governance, and operational improvement, while partnering closely with internal teams and external security providers.

My client is looking for someone who has led SOC or cyber defence operations in an enterprise environment, with strong experience across incident response, detection and response maturity, and MSSP oversight. Exposure to Microsoft Sentinel and the wider Microsoft security stack would be particularly relevant. You'll be joining an environment where cyber security is taken seriously, with real scope to influence operational maturity, tooling, and service standards.

What you'll be doing
- Lead day-to-day security operations and help shape the SOC roadmap in line with the wider cyber security strategy.
- Oversee incident response, threat detection, triage, and mitigation activity.
- Manage security production incidents and contribute to problem and change management forums.
- Work closely with the MSSP to monitor service levels, performance, and operational metrics.
- Review and improve policies, procedures, and technical controls to support efficiency and regulatory compliance.
- Report on cyber operational performance, control effectiveness, and key security metrics.
- Support governance activity by ensuring cyber risks are identified, assessed, and tracked appropriately.
- Partner with IT and support teams to ensure security is embedded into new services and technology decisions.
- Drive improvements across service requests, ticket management, root cause analysis, and knowledge management.
- Ensure audit trails, logs, and monitoring outputs are reviewed in line with policy and audit expectations.
- Contribute to resource and capacity planning for cyber operations.

What we're looking for
- Proven experience leading or managing Security Operations and IT Security services.
- Strong knowledge of SIEM and monitoring frameworks, including tools such as Microsoft Sentinel and frameworks such as MITRE ATT&CK.
- Good understanding of the Microsoft security stack.
- Experience across security capabilities such as DLP, EDR/XDR, CASB, email security, SWG, and ZTNA/SASE.
- Confidence working with incident management, service improvement, and third-party security providers.
- Interest in automation and the future use of AI within security operations.
- Relevant certifications such as CISSP, CISM, CCSP, or SSCP would be beneficial.
 |